Welcome🖐


Here I share my thoughts on InfoSec news, plus technical guides and writeups.
  • Tempest

    Sysmon log, Windows Event Log and network packet investigation

    By Ren Sie
    Refer to Tempest for the challenge room on TryHackMe. Preparation - Tools and Artifacts. Toolset: Sysmon logs, Windows Event Logs, packet capture, endpoint logs. To analyze Windows artefacts like Windows Event Logs and Sysmon logs, we will use the following tools: EvtxECmd, Timeline Explorer, SysmonView, Event Viewer. Endpoint Logs: To...
  • Phishing - Snapped Phish-ing Line

    Phishing email and malicious attachment inspection

    By Ren Sie
    Refer to Snapped Phish-ing Line for the challenge room on TryHackMe. Scenario: As an IT department personnel at SwiftSpend Financial, one of your responsibilities is to assist employees with their technical concerns. While everything seemed routine, the situation changed when several employees from various departments began reporting an unusual email...
  • Splunk - Benign

    Threat hunting on SIEM (Splunk)

    By Ren Sie
    Refer to Benign for the challenge room on TryHackMe. Scenario: One of the client’s Intrusion Detection Systems (IDS) flagged a suspicious process on a computer in the HR department, suggesting it might be compromised. We observed tools related to network information gathering and scheduled tasks running on the affected machine,...
  • Kibana - ItsyBitsy

    Tracing logs for suspicious activity in Kibana

    By Ren Sie
    Refer to ItsyBitsy for the challenge room on TryHackMe. Scenario: While monitoring security, Analyst John saw an alert from the IDS about possible command-and-control (C2) communication involving a user named Browne from HR. A suspicious file with a known malicious pattern was accessed. We’ve pulled a week’s worth of...